<?php
$host="remote-mysql4.servage.net"; // Host name
$username="ntnu"; // Mysql username
$password="fotball123"; // Mysql password
$db_name="ntnu"; // Database name
//$tbl_name="members"; // Table name

// Connect to server and select databse.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");


//include("../mysql.php");
$tbl_name="brukere"; //tabell navn

// username and password sent from form
$myusername=$_POST['brukernavn'];
$mypassword=$_POST['passord'];

// To protect MySQL injection (more detail about MySQL injection)
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);
$myusername = mysql_real_escape_string($myusername);
$mypassword = mysql_real_escape_string($mypassword);

$sql="SELECT * FROM $tbl_name WHERE brukernavn='$myusername' and passord='$mypassword'";
$result=mysql_query($sql);
$row=mysql_fetch_array($result);

// Mysql_num_row is counting table row
$count=mysql_num_rows($result);
// If result matched $myusername and $mypassword, table row must be 1 row

if($count==1)
{
// Register $myusername, $mypassword and redirect to file "login_success.php"
//$_SESSION['bruker'] = $_POST['myusername'];
//echo "lvl :{$row['brukertype']} <br>";
	session_register("myusername");
	session_register("mypassword");
	$_SESSION['brukertype'] = $row['brukertype'];
//session_register("brukertype");

//$_SESSION['level'] = $row['level'];

	header("location:login_success.php");
}

else 
{
	echo "Feil brukernavn eller passord";
}
?>